This is regarding the recent security bulletin: Security Bulletin
- What was the total window of exposure? It’s good to know you started patching on Sept 3, but that doesn’t tell us when the vulnerability was fully made non-exploitable, nor when it was first introduced.
- Are you aware of any attempts at exploitation, other than the reporter’s proof of concept?
- Are there any indications of compromise that we can use? That is, does exploitation leave any trace we can detect?